summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/kdf/tls1_prf.c121
1 files changed, 58 insertions, 63 deletions
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c
index 594537ca3f..ab21644d7a 100644
--- a/src/lib/libcrypto/kdf/tls1_prf.c
+++ b/src/lib/libcrypto/kdf/tls1_prf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls1_prf.c,v 1.31 2024/07/09 17:04:50 tb Exp $ */ 1/* $OpenBSD: tls1_prf.c,v 1.32 2024/07/09 17:05:46 tb Exp $ */
2/* 2/*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project 3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4 * 2016. 4 * 2016.
@@ -67,11 +67,6 @@
67 67
68#include "evp_local.h" 68#include "evp_local.h"
69 69
70static int tls1_prf_alg(const EVP_MD *md,
71 const unsigned char *secret, size_t secret_len,
72 const unsigned char *seed, size_t seed_len,
73 unsigned char *out, size_t out_len);
74
75#define TLS1_PRF_MAXBUF 1024 70#define TLS1_PRF_MAXBUF 1024
76 71
77struct tls1_prf_ctx { 72struct tls1_prf_ctx {
@@ -188,63 +183,6 @@ pkey_tls1_prf_ctrl_str(EVP_PKEY_CTX *ctx,
188} 183}
189 184
190static int 185static int
191pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
192 size_t *keylen)
193{
194 struct tls1_prf_ctx *kctx = ctx->data;
195
196 if (kctx->md == NULL) {
197 KDFerror(KDF_R_MISSING_MESSAGE_DIGEST);
198 return 0;
199 }
200 if (kctx->secret == NULL) {
201 KDFerror(KDF_R_MISSING_SECRET);
202 return 0;
203 }
204 if (kctx->seed_len == 0) {
205 KDFerror(KDF_R_MISSING_SEED);
206 return 0;
207 }
208 return tls1_prf_alg(kctx->md, kctx->secret, kctx->secret_len,
209 kctx->seed, kctx->seed_len,
210 key, *keylen);
211}
212
213const EVP_PKEY_METHOD tls1_prf_pkey_meth = {
214 .pkey_id = EVP_PKEY_TLS1_PRF,
215 .flags = 0,
216
217 .init = pkey_tls1_prf_init,
218 .copy = NULL,
219 .cleanup = pkey_tls1_prf_cleanup,
220
221 .paramgen = NULL,
222
223 .keygen = NULL,
224
225 .sign_init = NULL,
226 .sign = NULL,
227
228 .verify_init = NULL,
229 .verify = NULL,
230
231 .verify_recover = NULL,
232
233 .signctx_init = NULL,
234 .signctx = NULL,
235
236 .encrypt = NULL,
237
238 .decrypt = NULL,
239
240 .derive_init = NULL,
241 .derive = pkey_tls1_prf_derive,
242
243 .ctrl = pkey_tls1_prf_ctrl,
244 .ctrl_str = pkey_tls1_prf_ctrl_str,
245};
246
247static int
248tls1_prf_P_hash(const EVP_MD *md, 186tls1_prf_P_hash(const EVP_MD *md,
249 const unsigned char *secret, size_t secret_len, 187 const unsigned char *secret, size_t secret_len,
250 const unsigned char *seed, size_t seed_len, 188 const unsigned char *seed, size_t seed_len,
@@ -355,3 +293,60 @@ tls1_prf_alg(const EVP_MD *md,
355 293
356 return 1; 294 return 1;
357} 295}
296
297static int
298pkey_tls1_prf_derive(EVP_PKEY_CTX *ctx, unsigned char *key,
299 size_t *keylen)
300{
301 struct tls1_prf_ctx *kctx = ctx->data;
302
303 if (kctx->md == NULL) {
304 KDFerror(KDF_R_MISSING_MESSAGE_DIGEST);
305 return 0;
306 }
307 if (kctx->secret == NULL) {
308 KDFerror(KDF_R_MISSING_SECRET);
309 return 0;
310 }
311 if (kctx->seed_len == 0) {
312 KDFerror(KDF_R_MISSING_SEED);
313 return 0;
314 }
315 return tls1_prf_alg(kctx->md, kctx->secret, kctx->secret_len,
316 kctx->seed, kctx->seed_len,
317 key, *keylen);
318}
319
320const EVP_PKEY_METHOD tls1_prf_pkey_meth = {
321 .pkey_id = EVP_PKEY_TLS1_PRF,
322 .flags = 0,
323
324 .init = pkey_tls1_prf_init,
325 .copy = NULL,
326 .cleanup = pkey_tls1_prf_cleanup,
327
328 .paramgen = NULL,
329
330 .keygen = NULL,
331
332 .sign_init = NULL,
333 .sign = NULL,
334
335 .verify_init = NULL,
336 .verify = NULL,
337
338 .verify_recover = NULL,
339
340 .signctx_init = NULL,
341 .signctx = NULL,
342
343 .encrypt = NULL,
344
345 .decrypt = NULL,
346
347 .derive_init = NULL,
348 .derive = pkey_tls1_prf_derive,
349
350 .ctrl = pkey_tls1_prf_ctrl,
351 .ctrl_str = pkey_tls1_prf_ctrl_str,
352};
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-18 14:25:15 +0000